Attorney General: We didn't need Apple to crack terrorist's iPhones – tho we still want iGiant to do it in future

Feds gain access to military base shooter's mobes using outside tools


The US Department of Justice is once again taking Apple to task for not cooperating with device decryption requests, even after it announced that it had retrieved information from a pair of iPhones without Cupertino's help.

Attorney General Bill Barr and FBI director Christopher Wray said on Monday the Feds have been able to get into two locked iPhones owned by Mohammed Saeed Alshamrani, the scumbag who last December gunned down three people and injured eight others in a shooting at the Pensacola Naval Air Station in Florida. Alshamrani was shot and killed by county sheriff deputies.

According to the two big-wigs, data extracted from the smartphones confirms Alshamrani carried out the murders as an act of terrorism on behalf of, and in cooperation with, the group Al Qaeda in the Arabian peninsula.

Those findings confirm what pretty much everyone already knew: that the shooting was a terrorist attack on behalf of a radical group. Of more interest, in this case, is the way in which the data the US government announced today, was obtained.

Barr and Wray confirmed they got the information off of the locked and encrypted iOS phones with a break-in tool, possibly a next-gen Cellebrite or Gray Key widget, or something similar that exploits weaknesses in Apple's firmware or brute-forces the login user interface to unlock them.

"Thanks to the great work of the FBI – and no thanks to Apple – we were able to unlock Alshamrani's phones," said Attorney General Barr.

"The trove of information found on these phones has proven to be invaluable to this ongoing investigation and critical to the security of the American people."

As Barr alluded to, this announcement comes after the Feds spent months fighting with Apple over their request that Alshamrani's phones be forcibly unlocked and the contents decrypted by Apple and then handed back over to law enforcement. Apple refused, saying that would involve some kind of special backdoor that it was unwilling to work on. The operating system and hardware encrypt the contents of the handhelds until unlocked.

Investigators had approached Apple months ago about the possibility of its engineers overriding or bypassing the locks on the two phones in order to decrypt and extract their data, only to be rebuffed by the Cupertino phone flinger.

"I could not be prouder of the relentless dedication of the men and women at the FBI who worked for months under difficult conditions to access these devices," Wray said.

"Their skill and persistence, and the sustained investigative efforts by FBI Jacksonville, the FBI’s Counterterrorism Division, and our many other federal, state, and local partners, have been nothing short of extraordinary in this case."

Photo by a katz / Shutterstock.com

FBI Director wants 'adult conversation' about backdooring encryption

READ MORE

Since the unlocking demand was made public by Barr in January, Apple has maintained it provided the FBI with assistance by giving access to iCloud backups of both of Alshamrani's iPhones.

What the Feds wanted, of course, was for the data on the phones themselves to be instantly decrypted on demand, and handed over to agents.

This has long been the sticking point between law enforcement and Apple. The FBI and other agencies want a means to decrypt any handset on demand, while Apple rightfully notes that doing so would mean inserting a back door that could be potentially exploited by rogue government agents or repressive regimes, or criminals, to leaf through people's private information.

In a statement, Apple told The Register:

On this and many thousands of other cases, we continue to work around-the-clock with the FBI and other investigators who keep Americans safe and bring criminals to justice. As a proud American company, we consider supporting law enforcement’s important work our responsibility. The false claims made about our company are an excuse to weaken encryption and other security measures that protect millions of users and our national security.

It is because we take our responsibility to national security so seriously that we do not believe in the creation of a backdoor — one which will make every device vulnerable to bad actors who threaten our national security and the data security of our customers. There is no such thing as a backdoor just for the good guys, and the American people do not have to choose between weakening encryption and effective investigations.

ACLU senior staff attorney Brett Max Kaufman pointed out that what Barr didn't address was why, if the FBI can get data off the iPhone without Apple's help, they still need the back door?

"Every time there’s a traumatic event requiring investigation into digital devices, the Justice Department loudly claims that it needs backdoors to encryption, and then quietly announces it actually found a way to access information without threatening the security and privacy of the entire world," said Kaufman.

"The boy who cried wolf has nothing on the agency that cried encryption."

Presumably the Feds want easy instant on-demand access to seized data, rather than battling for months to crack Apple's security measures. ®


Other stories you might like

  • Robotics and 5G to spur growth of SoC industry – report
    Big OEMs hogging production and COVID causing supply issues

    The system-on-chip (SoC) side of the semiconductor industry is poised for growth between now and 2026, when it's predicted to be worth $6.85 billion, according to an analyst's report. 

    Chances are good that there's an SoC-powered device within arm's reach of you: the tiny integrated circuits contain everything needed for a basic computer, leading to their proliferation in mobile, IoT and smart devices. 

    The report predicting the growth comes from advisory biz Technavio, which looked at a long list of companies in the SoC market. Vendors it analyzed include Apple, Broadcom, Intel, Nvidia, TSMC, Toshiba, and more. The company predicts that much of the growth between now and 2026 will stem primarily from robotics and 5G. 

    Continue reading
  • Deepfake attacks can easily trick live facial recognition systems online
    Plus: Next PyTorch release will support Apple GPUs so devs can train neural networks on their own laptops

    In brief Miscreants can easily steal someone else's identity by tricking live facial recognition software using deepfakes, according to a new report.

    Sensity AI, a startup focused on tackling identity fraud, carried out a series of pretend attacks. Engineers scanned the image of someone from an ID card, and mapped their likeness onto another person's face. Sensity then tested whether they could breach live facial recognition systems by tricking them into believing the pretend attacker is a real user.

    So-called "liveness tests" try to authenticate identities in real-time, relying on images or video streams from cameras like face recognition used to unlock mobile phones, for example. Nine out of ten vendors failed Sensity's live deepfake attacks.

    Continue reading
  • Lonestar plans to put datacenters in the Moon's lava tubes
    How? Founder tells The Register 'Robots… lots of robots'

    Imagine a future where racks of computer servers hum quietly in darkness below the surface of the Moon.

    Here is where some of the most important data is stored, to be left untouched for as long as can be. The idea sounds like something from science-fiction, but one startup that recently emerged from stealth is trying to turn it into a reality. Lonestar Data Holdings has a unique mission unlike any other cloud provider: to build datacenters on the Moon backing up the world's data.

    "It's inconceivable to me that we are keeping our most precious assets, our knowledge and our data, on Earth, where we're setting off bombs and burning things," Christopher Stott, founder and CEO of Lonestar, told The Register. "We need to put our assets in place off our planet, where we can keep it safe."

    Continue reading

Biting the hand that feeds IT © 1998–2022